Pierluigi Paganini March 30, 2025

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

Ransomware Group Claims Attack on Virginia Attorney General’s Office      

FBI Denver Warns of Online File Converter Scam  

The DNA of organised crime is changing – and so is the threat to Europe  

Exclusive: DOGE staffer ‘Big Balls’ provided tech support to cybercrime ring, records show

A Sneaky Phish Just Grabbed my Mailchimp Mailing List

Arrests in Tap-to-Pay Scheme Powered by Phishing

DeepSeek users targeted with fake sponsored Google ads that deliver malware          

Russia arrests three for allegedly creating Mamont malware, tied to over 300 cybercrimes  

DOJ Seizes USD 8.2M Tied to Pig Butchering Scheme  

Malware

Microsoft Trusted Signing service abused to code-sign malware

Shedding light on the ABYSSWORKER driver 

Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks

Shifting the sands of RansomHub’s EDRKillShifter  

Multiple crypto packages hijacked, turned into info-stealers  

CoffeeLoader: A Brew of Stealthy Techniques

PJobRAT makes a comeback, takes another crack at chat apps      

Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices

Hacking

Next.js and the corrupt middleware: the authorizing artifact  

Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

New GitHub Action supply chain attack: reviewdog/action-setup  

OpenAI Offering $100K Bounties for Critical Vulnerabilities

Over 150K websites hit by full-page hijack linking to Chinese gambling sites  

Intelligence and Information Warfare

Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation  

Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US

RedCurl’s Ransomware Debut: A Technical Deep Dive

You will always remember this as the day you finally caught FamousSparrow      

Private Data and Passwords of Senior U.S. Security Officials Found Online

TURNING AID INTO ATTACK: EXPLOITATION OF PAKISTAN’S YOUTH LAPTOP SCHEME TO TARGET INDIA  

Cybersecurity

The Trump Administration Accidentally Texted Me Its War Plans

Flailing OpenAI Calls for Ban on Chinese AI 

Why government workers and military planners all love Signal now  

SignalGate Isn’t About Signal    

TCCing is Believing  

Oracle Health breach compromises patient data at US hospitals

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)